Hierarchical Navigation

Viewing Options

Cisco® Secure Access Control Server (ACS) provides a comprehensive, identity-based access policy system for Cisco intelligent information networks. It is the integration and control platform for managing access policy for network resources.

Cisco Secure ACS provides central management of access policies for both network access and device administration and supports a wide range of access scenarios including wireless LAN, 802.1x wired, and remote access. Cisco Secure ACS is the leading authentication, authorization, and accounting (AAA) platform in the market and is deployed by 90 percent of the top 500 Cisco customers. Cisco Secure ACS is available as a rack-mountable, dedicated appliance-Cisco Secure ACS Solution Engine-or as software that runs on Windows platforms, Cisco Secure ACS for Windows.

Product Overview

With the ever-increasing number of methods and opportunities for accessing networks today, security breaches and uncontrolled user access are of primary concern among enterprises. While the wide deployment of wireless LANs and remote access have increased security challenges at the perimeter, security risks inside the enterprise exist as well. Identity networking technologies such as 802.1x that can mitigate both internal and external security vulnerabilities have become of prime interest to customers worldwide. Network security officers and administrators need solutions that support flexible authentication and authorization policies that are tied to the user identity as well as context such as the network access type and the security of the machine used to access the network. Further, there is a need to audit network use and monitor corporate compliance.

Cisco Secure ACS is a powerful access policy system with management and scalability features for the growing organization. Table 1 lists the key features and benefits of Cisco Secure ACS 4.2.

Table 1. Key Features and Benefits of Cisco Secure ACS 4.2

Feature

Benefit

AAA protocols

Cisco Secure ACS supports two distinct protocols for authentication, authorization, and accounting (AAA). Cisco Secure ACS supports both RADIUS and TACACS+ for the concurrent support of network access and network device access control. Cisco Secure ACS is a single system for enforcing access policy.

Cisco Secure ACS allows the configuration of complex network access policies that may include authentication protocol requirements, device restrictions, time of day restrictions, posture validation, and other access requirements. Cisco Secure ACS may apply downloadable access control lists (dACLs), VLAN assignments, and other authorization parameters.

Centralized configuration management

Cisco Secure ACS replication allows administrator-defined configuration items to be replicated across ACS servers in the network, providing both flexibility and ease of administration for large networks. Provisioning is facilitated through a secure, web-based GUI, command-line interface (CLI), and relational database management system (RDBMS) synchronization to allow Cisco Secure ACS to fit in your workflow.

Logging

Cisco Secure ACS logs are viewable and exportable for use in other systems. Cisco Secure ACS logs support troubleshooting and diagnostics, compliance and auditing, and other reporting and billing activities.

Platform options

Cisco Secure ACS is available as a closed and hardened appliance or as Windows Server software for customers with existing practices for server/OS management. Cisco Secure ACS for Windows may be used with VMWare ESX Server for customers deploying virtual servers.

Cisco offers a wide range of services programs to accelerate customer success. These innovative programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco services help you to protect your network investment, optimize network operations, and prepare your network for new applications to extend network intelligence and the power of your business. For more information about Cisco services, see
Cisco Technical Support Services.